1.0.6

DATE	CVE	VULNERABILITY TITLE	RISK
2009-03-11	CVE-2009-0660	Cross-Site Scripting vulnerability in Mahara Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.0 before 1.0.10 and 1.1 before 1.1.2 allow remote attackers to inject arbitrary web script or HTML via a (1) profile and (2) blog, a different vulnerability than CVE-2009-0487. network mahara CWE-79	4.3
2009-02-09	CVE-2009-0487	Cross-Site Scripting vulnerability in Mahara Cross-site scripting (XSS) vulnerability in Mahara before 1.0.9 allows remote attackers to inject arbitrary web script or HTML via a crafted forum post. network mahara CWE-79	4.3